To Modify the Agent Profile to Use SAMLv2
Transient
A transient name identifier is a temporary user identifier. In this use case, there is no user account on the service provider side so single sign-on is accomplished using a transient name identifier. All users passed from the identity provider to the service provider will be mapped to the anonymous user created in To Enable Anonymous Authentication. In this procedure, we modify the agent profile to use the transient name identifier format.
-
Access https://lb4.sp-example.com:1081/opensso/console from a web browser.
-
Log in to the OpenSSO Enterprise console as the administrator.
- Username
-
amadmin
- Password
-
ossoadmin
The Common Tasks tab is displayed.
-
Click the Access Control tab.
-
Click the / (Top Level Realm) realm.
-
Click the Agents tab.
-
Click the Web tab.
The Web profile page is displayed.
-
Click webagent-1 in the Agent table.
The webagent-1 profile page is displayed.
-
Click the OpenSSO Services tab.
-
Select https://lb4.sp-example.com:1081/opensso/spssoinit?metaAlias=/sp&idpEntityID=https://lb2.idp-example.com:1081/opensso in the OpenSSO Login URL property box and click Delete.
-
Enter https://lb4.sp-example.com:1081/opensso/spssoinit?metaAlias=/sp&idpEntityID=https://lb2.idp-example.com:1081/opensso&NameIDFormat=transient in the OpenSSO Login URL text box and click Add.
-
Click Save.
The profile is updated.
-
Log out of the OpenSSO Enterprise console.
- © 2010, Oracle Corporation and/or its affiliates